Products | Scripts | Services | Tutorials | Books | Links | Contact | Bulletin Board

Docs and Tutorials

Uploading scripts | Setting up Apache on NT | Converting MP3 files | Install Modules from CPAN
Optimizing mod_perl | Fight Spam - conceal your emails | Build thumbnails in batch mode

Installing a Win32 box with Apache

Let's face it... you cannot use Microsoft for serious web hosting. If you want to configure your machine to be secure and reliable, get your hands on Linux... any Linux.

You want to start with something that is easy to understand, get familiar with it on your notebook or home computer, and move later on to a Linux box. I will give you an example of how to get set up here, with free software.
No MS, no B.S.

Before anything, read this, please!

This tutorial is not supposed to be the safest, nor the best way of installing Apache on windows. It is merely created to provide a very easy step-by-step install help for Apache beginners. We do recommend reading the Apache documentation, as well as the documentation for other plugins and applications we use in combination with it.

Activestate cautions you not to use their software on Win95, Win98, or WinME, although I got them to work just fine with the configuration listed here. It is better indeed, if you use WinNT/Win2000/WinXP, since these platforms offer more stability, you can run applications as a service, the file system is more reliable, etc.

A few words here to where you should put your web content.

When I install a box, even if I only have one hard disk, I partition it in two different partitions, the first being the system partition, the other is the data partition. That way, if your system disk is getting screwed up by some virus, your data is still in a safe place. Do not install any programs on that partition. Only web data. That means, the static web content, your cgi directory, the web counter, your PHP stuff, etc.

I usually change the drive letter to that drive to be W:. This is particularily good, since you can play around with the other drives, but have your data drive at the end of the choices. Play it safe.

If you do not have a choice, then replace W: with C: in the examples below. Do keep in mind that it is wise to separate data from apps, at least at the directory level.

Installation path

The installation path for most programs, is by default "c:\Program Files\...", wich we do not like, from various reasons. It gives me a certain peace of mind, when I see all _important_ software located in its own directory. Do not trust Microsoft here. Use for the install path: "c:\apps". That way, you are not in the system area, you have no spaces in file names (yes, they are allowed, but you have to extra put in quotes any path with spaces in the file names... eeek).

Perl - Activestate Perl

You do not have much choice here, but the Activestate Perl is still cool software. Use for the installation path: "c:\apps\perl".

Once installed, it is useful to install a couple extra packages from CPAN. To install something from CPAN, open a command prompt (Start / Run / cmd), and change the directory to the perl binary directory, then open the package manager:

cd c:\apps\perl\bin
ppm

Once you see the prompt "PPM>", you can type in the install commands, for example:

install Time::HiRes
install Crypt::SSLeay

The first one will install you a high resolution timer that is used by the shop for the benchmark process. The second is needed for the backend LWP::UserAgent module, if you want to open secure connections from your CGI script. In the process of installing other scripts, you will have to get through this routine to install other necessary packages from CPAN.

The Web Server - Apache 2.x

Choice #1 on the internet is Apache. It is free, easy to install, customize, and on Linux you can even compile it with various modules to offer extra functionality. It is the best documented web server on the Net, and by far, the easiest to use.

There are two versions of Apache worthy of using:

The standard Apache, found under:
http://www.apache.org/

The IBM port of Apache, found under:
http://www-4.ibm.com/software/webservers/httpservers/download.html
or
http://www14.software.ibm.com/webapp/download/product.jsp?s=p&id=RBAR-5LER2T

If you want secure server support, we recommend the IBM version, although the setup is a bit tricky.

Installing the default Apache it is easy, you have to provide a few parameters, we will give here some recommendations.

For the reasons described earlier, choose as installation path "c:\apps\". The install program will create then the c:\apps\apache2, which will be the program directory.

In the next installation screen, use for the host name, the same name as the machine itself. There are a lot of names that you can choose from, but I will recommend naming the machine in advance something like "www". That way, if you end up purchasing some extra ActiveState software that requires the machine name in the licensing code (or for that reason, from other companies with a similar licensing policy), you will be able to move the stuff easily to another host. If you name the machine something like "snowwhiteandthesevendwarfs", you will end up hating the name later on, but your software just is licensed to that name... hmmm...

When installing this on Windows XP, you will most likely get windows security alert, about unblocking the Apache HTTP Server, please do so.

Apache should install in the taskbar a monitoring tool that would allow you to control the apache service.

Once through with the installation process, you will need to do here some customizing. For example, you need to configure properly the web root, the cgi-bin directory, add mod_perl and PHP, and so on.

 

Configuring Apache

Before making any changes, please note that even if in the Windows command prompt a path looks like: c:\apps\apache2, when you edit an apache config file, you SHOULD use forward slashes, like: c:/apps/apache2.

The only file that you will ever need to modify, to configure your web server is located under: "c:\apps\apache2\conf\httpd.conf". Use a text editor as the one described in the header of this document, and do the following changes:

 
Configure your web root

Locate the string "DocumentRoot "C:/apps/Apache2/htdocs" and change it to read:

DocumentRoot "w:/http/www"

Of course, you will need to create these directories on the secondary partition, or if you choose to use the C: for your web data, use the correct drive letter in this path.

Same thing should be done for the directory pragma, that is by default:
<Directory "C:/apps/Apache2/htdocs"> and change it to read:

<Directory "w:/http/www">

 

 

Configure the CGI directory

This will be the place for your perl scripts, as well as other CGI scripts. Note that not every Perl script is a CGI script, and CGI does not mean automatically Perl. CGI programs can be written in other scripting languages, or even be programs compiled in C/C++.

Locate the string: ScriptAlias /cgi-bin/ "C:/apps/Apache2/cgi-bin/". Modify that line, as well as the directory pragma that immediately follows, to the following format:

ScriptAlias /cgi-bin/ "w:/http/cgi-bin/"
<Directory "w:/http/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>

If you plan on using cgi scripts in other directories, locate the string "To use CGI scripts:" string, the commented out line after it should be something like "#AddHandler...". ADD the following lines:

AddHandler cgi-script .cgi
AddHandler cgi-script .pl

 

 

Install and configure PHP as a CGI binary

After you download the PHP zip, unpack it in the following path: C:\apps\php\

Add at the end of the httpd.conf, the following lines:

ScriptAlias /php/ "c:/apps/php/"
AddType application/x-httpd-php .php
Action application/x-httpd-php "/php/php-cgi.exe"
SetEnv PHPRC C:/apps/php

You can also install PHP as an Apache module. This option is documented in the install.txt file, from the PHP directory.

Copy the file php.ini-recommended to php.ini.

The defaults should get you started; we recommend browsing the file later on, to learn about the configuration options.

 

 

 

This was the basic install for Apache. Now we need to add some useful packages.

 

Installing mod_perl for Apache on Win32 (optional)

This is your only reasonable choice of a CGI accelerator on Win32 platforms. Sure, Activestate has the PerlEx, but they let you pay for it, and it's not a wise choice anyway... mod_perl is cross-platform, reliable, easy to install, and free.

Open the ppm interface in Activestate Perl (as described above), and type in:

set repository MP http://theoryx5.uwinnipeg.ca/cgi-bin/ppmserver?urn:/PPMServer
install mod_perl

That works just fine, it will copy a lot of files in the Perl directory, and then spawn a separate command prompt and ask you for the directory for the Apache modules, wich is: "c:/apps/Apache2/modules", or in the case of the IBM Apache, "c:/apps/ibmhttp/modules". That would be the first part of the installation.

Then, we use a text editor to open the Apache httpd.conf file, and we add the following line, after the list of the "#LoadModule ..." declarations:

LoadModule perl_module modules/mod_perl.so

Then, we add the following code, at the bottom of the httpd.conf file:

### mod_perl Apache::Registry scripts
LoadFile "C:/apps/Perl/bin/perl58.dll"
LoadModule perl_module modules/mod_perl.so
PerlTaintCheck On
Alias /mod-cgi/ "w:/cgi/www/"
<Location /mod-cgi>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
PerlSendHeader On
Options +ExecCGI
</Location>

Now restart Apache, and you are done. Since you installed Apache as a service, you need to do that from the Services control panel.

As you may have noticed, we used the same directory for both cgi-bin and mod-cgi. It is no problem, since the non-mod_perl scripts can be called as /cgi-bin/myscript.cgi and not conflict with the other scripts.

 

 

 

 

 

 

 

 

 

 

The IBM port of Apache

If you install the IBM version, this will be about the same apache server, with a twist. For one, IBM offers FastCGI page caching, and other goodies.

What is the best though, the server comes with free SSL support. IBM offers a java interface for the key management, so you might have problems running it on WindowsXP, but then again, nobody in the right frame of mind will install and develop on a Microsoft platform before at least the first service pack came out :)

Installing the server is equally easy, I have them both installed on one machine; the standard apache under c:/apps/apache, and the IBM version under c:/apps/ibmhttp. If you plan using/comparing both versions, it would be best if you stick with the same model that I use, otherwise just install it under c:/apps/apache.

If you are running on NT or Win2000, I recommend you create the user that will run the http daemon in advance. To do so, you open the user management tool, and add an user with the user id "httpd" and the password of your choice. Define that user as "User cannot change password" and "Password never expires".

Now you go through the basic install of the software, install with defaults (i.e. choose the "c:\IHSinstall" for the unpacking directory), and let's suppose you install it in c:/apps/ibmhttp. You will be asked for installing the server as a service, and prompted to enter the user ID and the password. Use here the user you just created. Restart the computer, as the path to the java interface will be needed.

The default install will assume that you have your web content in the C:/apps/ibmhttp/htdocs and the cgi scripts in the C:/apps/ibmhttp/cgi-bin. We recommend changing those to the place where you have your web content, as in the example for the standard Apache, above.

Copy the management tools from the default location, to your web root

As per standard install, the software provides a very useful maintenance interface that accesses the admin server running on port 8008. Please copy all the files from C:/apps/ibmhttp/htdocs into the location of your web root, in our example being w:/http/www.

If you install SSL, there are a couple things that you can do manually, it is easier and faster:

Enable the Apache SSL module
Locate the list of "LoadModule" entries, and append at the end the one corresponding to the SSL module:

LoadModule ibm_ssl_module modules/IBMModuleSSL128.dll

Disable the AFPA support
Look for the line containing the "AfpaEnable" and uncomment it, as the two other lines follwing it:

# AfpaEnable
# AfpaCache on
# AfpaLogFile "C:/apps/ibmhttp/logs/afpalog" V-ECLF

This feature is incompatible with the server running both the normal and secure version, and I spent a full day searching for what the reason was, since IBM chooses to be a bit cryptic here...

Describe the SSL version
Within the web root directory tag, add the line that describes the SSL version:

<Directory "w:/http/www">
  ...
SSLVersion SSLV3
</Directory>

Create the SSL virtual host
Add at the bottom of the file the following lines:

Listen 80
Listen 443
<VirtualHost www.mydomain.com:443>
  SSLEnable
  SSLServerCert www
  
  ServerAdmin myname@mydomain.com
  DocumentRoot w:/http/www
  ServerName www.mydomain.com
  ErrorLog logs/www.mydomain.com-error.log
  TransferLog logs/www.mydomain.com-access.log
  
  ScriptAlias /cgi-bin/ "w:/cgi/www/" 
</VirtualHost>
SSLDisable
Keyfile c:/apps/ibmhttp/ssl/key.kdb
SSLV2Timeout 60
SSLV3Timeout 120

As you can see, there is an entry about the Keyfile, which we did not create yet. This would be the last step to take before you can go live with it.

Also, note that you have to create a ScriptAlias entry that points to your script directory, within the virtual host stanza. You might have to do the same for the other Alias or ScriptAlias entries, but test them on a one by one basis.

Creating a SSL key

Open the java interface for the IBM HTTP server. This should be under Start/Programs/IBM HTTP Server, named "Key Management Utility". Click on "Key Database File / New", preserve the name "key.kdb", but change the path to c:/apps/ibmhttp. Choose a password, and click on "Stash the password" box.

Now, for the sake of getting started fast, we will create a self-signed certificate. Click on "Create / New Self-Signed Certificate", choose for the key label "www", and enter your full host name under "Common Name": "www.mydomain.com". Enter something for the Organization field too. Save the file and stash again the password. Exit the key management utility.

You have to move now the 4 files, key.crl, key.kdb, key.rdb, and key.sth from c:\apps\ibmhttp in the directory c:\apps\ibmhttp\ssl, before you restart the server. It seems that IBM screwed up something with the paths, if you do not move the files, you will get the error: "mod_ibm_ssl: GSK could not initialize, Invalid password for keyfile.". It took me quite a while to figure that one out, and IBM does not document things like that... but hey, once set up, it does work :)

You should be able to access the server now, both as HTTP and HTTPS. Since the certificate was self-signed, you will get an prompt to accept the certificate, which you should "OK".